Firewall Wizards mailing list archives
re: Home firewall/NAT appliances
From: Mike Hoskins <mike () adept org>
Date: Wed, 16 Jul 2003 11:26:06 -0700 (PDT)
Date: Wed, 16 Jul 2003 09:22:16 -0400 From: Dave Piscitello <dave () corecom com> Subject: [fw-wiz] Home firewall/NAT appliances Most every home firewall/NAT appliance I've configured comes with an out-of-the-box default policy of "allow any outbound". Is this everyone's experience?
that has certainly been my experience... i believe that's to stop the flurry of 'why doesn't my internet work?' calls to tech support. most users expect plug and pray, and don't read docs when things fail to work OOB... to be fair, many commercial firewall solutions do the same. the difference is, many (most?) firewall appliances are configured by end users, not security professionals. as a result, trojans that find their way to the victim's machine are essentially given permission to bypass the firewall. all without the user's knowledge, of course. i can't really blame the manufacturers though... at least not completely. (if they specifically sell the box as a 'solution' in a way that implies things should work OOB, then i would place blame.) i can't comprehend someone buying a 'firewall' and not knowing some configuration is required. maybe 'some assembly required' needs to be explicitly stamped on security product packaging like it is on children's toys. ;) -mrh -- From: "Spam Catcher" <spam-catcher () adept org> To: spam-catcher () adept org Do NOT send email to the address listed above or you will be added to a blacklist! _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Home firewall/NAT appliances Dave Piscitello (Jul 16)
- Re: Home firewall/NAT appliances Baruch Even (Jul 18)
- Message not available
- Re: Home firewall/NAT appliances - summary Dave Piscitello (Jul 18)
- Re: Home firewall/NAT appliances - summary Christopher Hicks (Jul 20)
- Re: Home firewall/NAT appliances - summary Dave Piscitello (Jul 18)
- <Possible follow-ups>
- re: Home firewall/NAT appliances Mike Hoskins (Jul 18)